Ring network security system with encoding of data entering a subnetwork and decoding of data leaving a subnetwork
First Claim
1. A network security system for use in a ring network having at least one node on a subnetwork, including:
- (a) encoding means, coupled between the ring network and the subnetwork, for receiving data from the ring network and determining if the received data is not intended to be received by a node within the subnetwork, encoding at least part of the data if so determined, and transmitting the resulting received data over the subnetwork to the at least one node;
(b) decoding means, coupled between the ring network and the subnetwork, for receiving data from the at least one node, at least some of which was previously transmitted by the encoding means to the subnetwork, determining if such received data was previously encoded by the encoding means, and decoding the received data if so determined.
1 Assignment
0 Petitions
Accused Products
Abstract
A system for securing communications between devices connected to a ring network. In accordance with the present invention, when a message frame is passed around the ring network, a gate keeper circuit associated with at least one port of a hub determines whether the message frame is intended for any of the nodes connected to that port. If the message frame is not intended for any of the nodes connected to that port, the message frame is encoded before it exits the hub through the port to traverse the subnetwork connected to the port, and decoded after it reenters the hub through the port. If and only if at least one node on the subnetwork connected to the port is intended to receive the message frame, then each node connected to that port can read the message frame.
43 Citations
16 Claims
-
1. A network security system for use in a ring network having at least one node on a subnetwork, including:
-
(a) encoding means, coupled between the ring network and the subnetwork, for receiving data from the ring network and determining if the received data is not intended to be received by a node within the subnetwork, encoding at least part of the data if so determined, and transmitting the resulting received data over the subnetwork to the at least one node; (b) decoding means, coupled between the ring network and the subnetwork, for receiving data from the at least one node, at least some of which was previously transmitted by the encoding means to the subnetwork, determining if such received data was previously encoded by the encoding means, and decoding the received data if so determined.
-
-
2. A network security system for use in a ring network having at least one hub coupled thereto, at least one of said hubs having at least one active subnetwork connected thereto, the network security system including:
-
(a) encoding means, coupled between one of said hubs having at least one active subnetwork and one of the active subnetworks, for receiving data and determining if the received data is to be encoded based upon the destination and source of the received data, encoding at least part of the data if so determined, and transmitting the resulting data over the active subnetwork; (b) decoding means, coupled between one of said hubs having at least one active subnetwork and the one of the active subnetworks receiving data, at least some of which was previously transmitted by the encoding means to the subnetwork, for receiving data from the active subnetwork, determining if the received data was previously encoded by the encoding means based upon the destination and source of the received data, and decoding the received data if so determined. - View Dependent Claims (3, 4, 5, 6, 7)
-
-
8. A network security system for securing transmission of data within a ring network having at least one hub having at least one port to which at least one node is coupled, the ring network having at least two nodes, the network security system including:
a gate keeper circuit associated with at least one active port of at least one hub, coupled between the associated hub and the associated port, for determining if the data being transmitted to the associated port from the associated hub is intended for at least one of the nodes coupled to the associated port, and if not intended for at least one of the nodes coupled to the associated port, then encoding at least part of the transmitted data, and otherwise not encoding any of the transmitted data, and for determining if the data being transmitted from the associated port to the associated hub was intended for, or originated within, at least one of the nodes coupled to the associated port, and if not then decoding the encoded part of the transmitted data, and otherwise not decoding any of the transmitted data. - View Dependent Claims (9, 10, 11, 12, 13)
-
14. A method for securing transmissions of data within a ring network having at least one hub coupled thereto, at least one of said hubs having at least one port, the at least one port being coupled to the ring network and having an active subnetwork connected to such port, including the steps of:
-
(a) receiving data within a port; (b) determining whether the received data has a destination or source within the active subnetwork connected to the port; (c) if the data does not have a destination or source within such active subnetwork, then encoding at least part of the data, and otherwise, not encoding the data; (d) circulating the data through the active subnetwork; (e) receiving the circulated data in the port; (f) determining whether the circulated data had a destination or source within the active subnetwork connected to the port; (g) if the data did not have a destination or source within such active subnetwork, then decoding the encoded part of the data. - View Dependent Claims (15)
-
-
16. A network security system for use in a ring network having at least one node on a subnetwork, comprising:
-
(a) an encoder circuit coupled between the ring network and the subnetwork, for receiving data from the ring network and determining if the received data is not intended to be received by a node within the subnetwork, encoding at least part of the data if so determined, and transmitting the resulting received data over the subnetwork to the at least one node; and (b) a decoder circuit coupled between the ring network and the subnetwork, for receiving data from the at least one node, at least some of which was previously transmitted by the encoder circuit to the subnetwork, determining if such received data was previously encoded by the encoder circuit, and decoding the received data if so determined.
-
Specification